[ic] PCI Compliance

IC Support ic_support at mnwebdesign.com
Thu Jul 15 17:43:22 UTC 2010

Ky Hisberg <kyhis2005 at yahoo.com> said:

>>I have tried many combinations, but my apache 1.3.41 config needed this to
>>pass PCI compliance:
>>SSLProtocol -ALL +TLSv1 +SSLv3
>>Thanks everyone!
>I also had to use the lines above just like Curt.  In addition I had
overlooked that in >the last complaint the port was different (443 was
droped and 465 was the only one mentioned) which turns out to be  a mail
port so I think Grants suggestion about the Cipher in Postfix sounds
logical.  I hope that's it and we can finally get the certification.  Thank
you for everybodys input.

Since you mention your mail port, I use Dovecot for my mail server and
believe I had to add this line to my dovecot.conf to pass compliance:

ssl_cipher_list = HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3

Your mail server may need similar configuration.

Good luck!


More information about the interchange-users mailing list